Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
File: okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft (raw, json)
Hash identifier: xDikL3mdNDbULqNhhEqNUdfiyECNzDGWjCUjhLApR38=
Subject key identifier: 18:79:5A:F1:60:31:F4:46:2F:1A:29:ED:77:65:FB:81:FC:53:06:84
Authority key identifier: A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B
Certificate issuer: /CN=a24357be1958796b12c42b4f4cac51b83de8fd2b
Certificate serial: 019A1CBE1A9FAF34CF318577F2E8128D4F37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
Manifest number: 01A9
Signing time: Sat 25 Oct 2025 19:00:11 +0000
Manifest this update: Sat 25 Oct 2025 19:00:11 +0000
Manifest next update: Sun 26 Oct 2025 19:00:11 +0000
Files and hashes: 1: dV2LrBjIlql28uwMDcJVQI6s6A8.roa (hash: F8uj/t68nQ3cbE2EUpzLNyfLklCyKLVmpdDgkWw1Qw4=)
2: okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl (hash: MphtY4yxV5OkAmahA2XLSPZG8skmMrIm1UAuvVHUC5A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Oct 2025 19:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:1c:be:1a:9f:af:34:cf:31:85:77:f2:e8:12:8d:4f:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24357be1958796b12c42b4f4cac51b83de8fd2b
Validity
Not Before: Oct 25 19:00:11 2025 GMT
Not After : Oct 26 19:00:11 2025 GMT
Subject: CN=18795af16031f4462f1a29ed7765fb81fc530684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:bb:35:bc:2e:ba:9a:cd:b8:13:37:5a:1b:15:
26:37:7c:d6:d5:46:84:17:f1:61:5a:18:c0:3d:da:
a5:a0:a1:22:94:dd:87:01:b2:c3:f9:9c:1c:9a:a2:
9b:15:d4:04:90:73:c3:67:67:83:d1:b2:93:bc:15:
f0:0f:24:62:9a:65:28:fd:8e:71:32:91:e4:49:f3:
90:13:8c:73:a1:3b:cb:44:9c:09:64:35:28:ff:4c:
f1:8b:30:ca:68:51:b7:3e:09:2a:b7:45:ad:ad:ce:
19:31:a7:88:52:2f:74:44:c3:e4:c5:31:2f:6d:7f:
46:7f:da:0b:98:b5:86:14:d3:bc:b4:ef:7c:53:fc:
3f:72:83:54:7c:c1:7d:62:28:6c:8d:2e:e1:89:e5:
e6:0f:89:6d:d4:62:2a:74:eb:ee:da:cf:23:1b:98:
24:b2:49:f0:c4:28:18:b3:18:cf:e9:42:27:39:01:
dc:3f:9e:bf:95:37:bb:14:d0:fc:b0:ae:75:3a:79:
ba:32:3f:c4:23:e0:10:00:e3:75:ab:fc:90:47:cc:
8d:45:be:06:30:42:78:21:b9:ff:34:b5:8e:1d:94:
df:b9:ef:e5:a8:e8:1e:59:ac:6a:2b:90:46:72:2b:
79:8f:25:dc:f9:46:c5:7d:dd:e2:3e:34:18:24:f7:
4f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:79:5A:F1:60:31:F4:46:2F:1A:29:ED:77:65:FB:81:FC:53:06:84
X509v3 Authority Key Identifier:
keyid:A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
65:6e:3f:62:44:67:e0:8d:64:b9:6b:8b:de:0e:eb:b8:48:dd:
04:dc:cc:08:38:11:94:59:e6:0e:ab:e5:47:98:26:59:63:dc:
7e:84:d8:ac:a7:d8:c7:db:fa:29:97:e4:52:a5:40:22:35:76:
56:62:d8:e9:ab:32:59:66:6c:31:3d:e1:12:e3:81:11:c6:41:
fe:19:6d:ae:4a:fa:cb:8e:b5:df:f2:d8:9b:b5:37:78:72:3b:
77:ce:aa:ad:ef:66:6c:91:6e:1d:5e:f1:ae:26:17:fa:33:1a:
0e:e6:b7:d1:fe:33:80:bc:01:5a:96:fd:55:de:39:2d:7a:17:
59:77:f9:23:cf:4d:68:ac:6f:db:34:d1:e9:6f:e8:b6:31:ac:
20:d9:55:fa:18:3d:76:ac:f0:1c:36:ca:b8:45:3f:ef:9a:1b:
36:bb:fa:09:42:66:cb:69:db:68:f7:7b:3a:e9:03:f9:56:b4:
e6:7d:5e:0e:c0:79:1b:37:f4:d1:a7:85:37:e2:e9:67:93:8d:
e9:81:09:f9:f0:0d:6f:32:d2:98:0e:0b:64:c9:3b:df:a3:51:
43:17:d4:b3:55:7c:e5:48:23:11:30:ae:b1:8d:9d:0d:80:10:
a7:11:28:ae:a8:eb:37:ad:1e:9b:67:0d:ef:db:5e:23:c0:40:
a3:ab:bc:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZocvhqfrzTPMYV38ugSjU83MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNDM1N2JlMTk1ODc5NmIxMmM0MmI0ZjRjYWM1MWI4M2Rl
OGZkMmIwHhcNMjUxMDI1MTkwMDExWhcNMjUxMDI2MTkwMDExWjAzMTEwLwYDVQQD
EygxODc5NWFmMTYwMzFmNDQ2MmYxYTI5ZWQ3NzY1ZmI4MWZjNTMwNjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLs1vC66ms24EzdaGxUmN3zW1UaE
F/FhWhjAPdqloKEilN2HAbLD+ZwcmqKbFdQEkHPDZ2eD0bKTvBXwDyRimmUo/Y5x
MpHkSfOQE4xzoTvLRJwJZDUo/0zxizDKaFG3Pgkqt0Wtrc4ZMaeIUi90RMPkxTEv
bX9Gf9oLmLWGFNO8tO98U/w/coNUfMF9YihsjS7hieXmD4lt1GIqdOvu2s8jG5gk
sknwxCgYsxjP6UInOQHcP56/lTe7FND8sK51Onm6Mj/EI+AQAON1q/yQR8yNRb4G
MEJ4Ibn/NLWOHZTfue/lqOgeWaxqK5BGcit5jyXc+UbFfd3iPjQYJPdPUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBh5WvFgMfRGLxop7Xdl+4H8UwaEMB8GA1UdIwQY
MBaAFKJDV74ZWHlrEsQrT0ysUbg96P0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMt
M2YzY2MxZTU3M2ZkLzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMtM2YzY2MxZTU3M2Zk
LzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZW4/YkRn
4I1kuWuL3g7ruEjdBNzMCDgRlFnmDqvlR5gmWWPcfoTYrKfYx9v6KZfkUqVAIjV2
VmLY6asyWWZsMT3hEuOBEcZB/hltrkr6y4613/LYm7U3eHI7d86qre9mbJFuHV7x
riYX+jMaDua30f4zgLwBWpb9Vd45LXoXWXf5I89NaKxv2zTR6W/otjGsINlV+hg9
dqzwHDbKuEU/75obNrv6CUJmy2nbaPd7OukD+Va05n1eDsB5Gzf00aeFN+LpZ5ON
6YEJ+fANbzLSmA4LZMk736NRQxfUs1V85UgjETCusY2dDYAQpxEorqjrN60em2cN
79teI8BAo6u8Fg==
-----END CERTIFICATE-----
Generated at Sat Oct 25 23:35:25 2025 by rpki-client